Skills
skills/membranedev/application-skills/facturadirecta/Gen Agent Trust Hub

facturadirecta

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a standard global installation for the vendor's platform CLI tools.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to manage connections and execute API actions. These commands are used as intended for the platform's integration logic and do not involve unauthorized system access.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it retrieves and processes external data from FacturaDirecta.
  • Ingestion points: Untrusted data enters the agent context through the output of membrane action run and membrane request commands when retrieving invoices, clients, or products.
  • Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions for the data retrieved from the external API.
  • Capability inventory: The skill has the capability to create and update records (e.g., create-invoice, update-client) and perform arbitrary HTTP requests through the membrane request proxy.
  • Sanitization: There is no evidence of sanitization or validation of the data returned from FacturaDirecta before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 03:56 AM